CrowdStrike Falcon Endpoint Protection Platform Features

Orchestration (4)

Asset Management: Lets users group and organize their endpoints to gather threat intelligence on specific technologies.
Security Workflow Automation: Reduces the need for IT and security professionals to iterate repetitive tasks associated with gathering threat information.
Deployment: The process in which users integrate their existing security systems and endpoints to the threat intelligence platform.
Sandboxing: A feature that allows security testing and information gathering to occur in a secure, resource independent environment.

Resolution Automation: Diagnose and resolve incidents without the need for human interaction.
Resolution Guidance: Guide users through the resolution process and give specific instructions to remedy individual occurrences.
System Isolation: Cuts off network connection or temporarily inactivate applications until incidents are remedied.
Threat Intelligence: Gathers information related to threats in order to gain further information on remedies.
Incident Investigation: Analyzes incidents, correlates related events, and determines the scope and impact of attacks.

Incident Alerts: Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Incident Case Management: Ability to track incidents, tasks, evidence, and investigation progress within a structured case.
Workflow Management: Administrators can organize workflows to guide remedies to specific situations incident types.
Extensibility: Allows for customized support for hybrid environments
Workflow Automation: Streamline the flow of work processes by establishing triggers and alerts that notify and route information to the appropriate people when their action is required within the compensation process.
Unified Visibility: Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks.

Threat Intelligence: Stores information related to common threats and how to resolve them once incidents occur.
Vulnerability Assessment: Analyzes your existing network and IT infrastructure to outline access points that can be easily compromised.
Advanced Analytics: Allows users to customize analytics with granulized metrics that are pertinent to your specific resources.
Data Examination: Allows users to search databases and incident logs to gain insights on vulnerabilities and incidents.

Compliance: Monitors assets and enforces security policies to audit assets and infrastructure security.
Web Control: Filters websites and manages whitelisting to enforce compliance protocols for users accessing the internet within the network.
Application Control: Blocks endpoint users from accessing restricted applications.
Asset Management: Keeps records of each network asset and its activity. Discovers new assets accessing the network.
Device Control: Manages user network accessibility on laptops and mobile devices.

System Isolation: Cuts off network connection or temporarily inactivate applications until incidents are remedied.
Firewall: Protects endpoint devices from a variety of attacks and malware threats.
Endpoint Intelligence: Analysis for users to examine threat intelligence data specific to their endpoint devices.
Malware Detection: Provides multiple techniques and information sources to alert users of malware occurrences.

Automated Remediation: Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Incident Reports: Produces reports detailing trends and vulnerabilities related to their network and infrastructure.
Behavioral Analysis: Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns and fraud indicators.
Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.
Behavioral Analysis: Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns and fraud indicators.
Data Context: Provide insights into why trends are occurring and what issues could be related.
Activity Logging: Monitors, records, and logs both real-time and post-event activity.

Response Automation: Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Threat Hunting: Facilitates the proactive search for emerging threats as they target servers, endpoints, and networks.
Rule-Based Detection: Allows administrators to set rules specified to detect issues related to issues such as sensitive data misuse, system misconfiguration, lateral movement, and/or non-compliance.
Real-Time Detection: Constantly monitors system to detect anomalies in real time.

Threat Intelligence: Stores information related to common threats and how to resolve them once incidents occur.
Artificial Intelligence & Machine Learning: Facilitates Artificial Intelligence (AI) such as Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis.
Data Collection: Collects information from multiple sources to cross reference and build contextual to correlate intelligence.

24/7 support: Provides 24/7 support to customers with technical questions.
Proactive report alerts: Proactively sends reports or alerts to customers.
Application control: Lets users detect and block applications that are not a security threat.
Proactive threat hunting: Proactively hunts threats.
Rapid response time: Provides rapid reponse time to cyber threats.
Customizeable reports: Provides the ability to customize reports.
Managed Services: Offers MDR as a service.

AI Text Generation: Allows users to generate text based on a text prompt.
AI Text Summarization: Condenses long documents or text into a brief summary.
AI Text Summarization: Condenses long documents or text into a brief summary.
AI Text Summarization: Condenses long documents or text into a brief summary.
Generate Attack Scenarios: Use AI to propose possible threat actor tactics, techniques, and procedures against specific environments or assets.
Generate Threat Detection Rules: Use AI to automatically create detection rules based on observed patterns.
Generate Threat Summaries: Use AI to produce concise summaries of complex threat reports or alerts.
AI Text Generation: Allows users to generate text based on a text prompt.
AI Text Summarization: Condenses long documents or text into a brief summary.